CVE-2026-45344

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

EUVD-2026-33054

LinkAce is a self-hosted archive to collect website links. Prior to 2.5.6, the setup database configuration flow on uninitialized LinkAce instances accepts attacker-controlled database credential fields and writes them back into .env without escaping. A remote attacker who can reach the setup...

kernel: netfilter: nft_flow_offload: reset dst in route object after setting up flow

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftflowoffload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flowoffloadadd fails, error path...

CVE-2018-7911

Some Huawei smart phones ALP-AL00B 8.0.0.106C00, 8.0.0.113SP2C00, 8.0.0.113SP3C00, 8.0.0.113SP7C00, 8.0.0.118C00, 8.0.0.120SP2C00, 8.0.0.125SP1C00, 8.0.0.125SP3C00, 8.0.0.126SP2C00, 8.0.0.126SP5C00, 8.0.0.127SP1C00, 8.0.0.128SP2C00, ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113SP7C01, 8.0.0.118C01,...